Host Based Cyber Systems Analyst IV

Argo Cyber SystemsArlington, VA
17dHybrid
Match Resume

About The Position

Argo Cyber Systems provides remote and onsite advanced technical assistance, proactive hunting, rapid onsite incident response, and immediate investigation and resolution using host-based, network-based and cloud-based cybersecurity analysis capabilities. Team personnel provide front line response for digital forensics/incident response (DFIR) and proactively hunting for malicious cyber activity. We are seeking Cyber Network Defense Analysts (CNDA) with Cloud Forensics experience to support this critical customer mission.

Requirements

  • U.S. Citizenship
  • Active TS/SCI clearance
  • Ability to obtain Department of Homeland Security (DHS) Entry on Duty (EOD) Suitability
  • 8+ years of experience in cyber forensic investigations with leading tools and techniques.
  • Strong understanding of SaaS, PaaS, and IaaS in cloud environments, and hybrid identity security.
  • Expertise in acquiring forensically sound evidence, analyzing attacks, and reporting findings.
  • Knowledge of M365/Azure, hybrid identity, and threats targeting these solutions.
  • Knowledge of AWS, IAM, and best practices for cloud identity security.

Nice To Haves

  • Strong API and scripting skills (PowerShell, Python, Bash, JavaScript) for automation and threat detection.
  • Knowledge of common and advanced cloud attacks and techniques, and how to detect and mitigate these threats.
  • Proficiency with cloud automation and orchestration tools (Terraform, Kubernetes, CloudFormation, Azure Resource Manager, Docker).

Responsibilities

  • Conduct forensic acquisition and analysis from on-premises and cloud platforms (Entra ID/Azure AD, M365, AWS, GCP, SaaS) to identify compromise activity, persistence mechanisms, and data exfiltration.
  • Investigate and respond to incidents and attacks targeting cloud and hybrid identity.
  • Correlate cloud control-plane events and network telemetry (e.g., Azure Activity Logs, AWS CloudTrail, VPC Flow Logs) to reconstruct attacker timelines, validate IOCs, and identify post-compromise privilege escalation.
  • Develop and operationalize detection logic and automation using cloud-native tools (Microsoft Defender, Sentinel, AWS GuardDuty, GCP Chronicle) and scripting (PowerShell, Python, Bash), integrating threat intelligence feeds and indicators.
  • Produce technical reports, incident documentation, and containment recommendations integrating cloud, identity, and endpoint findings; support development of incident response playbooks and procedures for cloud and hybrid environments.
  • Support cloud development and automation projects to enhance threat emulation, investigative, and hunting capabilities.
  • Coordinate with internal teams, government staff, and external stakeholders to validate alerts and investigate preliminary findings.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Job Search Resources

Similar Host Based Cyber Systems Analyst IV job opportunities

Cyber Host Forensic Analyst IV
Nightwing Intelligence Solutions
Nightwing Intelligence Solutions • Sterling, VA1d • Hybrid
Cyber Host Forensic Analyst IV
Nightwing Intelligence Solutions
Nightwing Intelligence Solutions • Sterling, VA9d
Systems Analyst IV
Cleveland Clinic
Cleveland Clinic8d • Remote
Cyber Security Analyst (IV&V)
Basecamp Consulting & Solutions LLC
Basecamp Consulting & Solutions LLC2d • Onsite
CI Cyber Threat Analyst IV
TechGuard Security
TechGuard Security • St. Louis, MO3d
Cyber Network Defense Analyst IV AP
Nightwing Intelligence Solutions
Nightwing Intelligence Solutions • Sterling, VA4d • Onsite
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service